Skip to content

Commit

Permalink
feat: initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@MDr164
MDr164 committed Nov 27, 2023
0 parents commit a6ff55e
Show file tree
Hide file tree
Showing 28 changed files with 893 additions and 0 deletions.
57 changes: 57 additions & 0 deletions .github/ISSUE_TEMPLATE/bug-report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
name: Bug Report
description: File a bug report
title: "[Bug]: "
labels:
- "bug"
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report!
- type: input
id: contact
attributes:
label: Contact Details
description: How can we get in touch with you if we need more info not publicly disclosable?
placeholder: ex. email@example.com
validations:
required: false
- type: textarea
id: what-happened
attributes:
label: What happened?
description: Also tell us, what did you expect to happen?
placeholder: Tell us what you see!
value: "A bug happened!"
validations:
required: true
- type: input
id: version
attributes:
label: Version
description: What version of our software are you running?
validations:
required: true
- type: dropdown
id: platforms
attributes:
label: What platform are you seeing the problem on?
multiple: true
options:
- Not Applicable
- Qemu virt-ARM
- ASRock PAUL
- type: textarea
id: logs
attributes:
label: Relevant log output
description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
render: Shell
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/u-bmc/u-bmc/blob/main/CODE_OF_CONDUCT.md)
options:
- label: I agree to follow this project's Code of Conduct
required: true
8 changes: 8 additions & 0 deletions .github/ISSUE_TEMPLATE/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
blank_issues_enabled: true
contact_links:
- name: Slack
url: https://slack.osfw.dev/
about: Please ask and answer questions here.
- name: Discussions
url: https://github.com/orgs/u-bmc/discussions
about: For general discussion and design triage.
36 changes: 36 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Build
on:
push:
branches:
- master
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
branches:
- master
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Run Build-Pipeline
uses: dagger/dagger-for-github@v5
with:
verb: run
args: go run ci/main.go -cmd "go build -o output/ ./cmd/example/main.go"
version: "0.9.3"
- uses: actions/upload-artifact@v3
with:
name: build-artifact
path: output
30 changes: 30 additions & 0 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
name: Linting
on:
push:
branches:
- master
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
branches:
- master
permissions:
contents: read
jobs:
golangci-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: v1.54
86 changes: 86 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
name: Release
on:
push:
tags:
- "v*"
permissions:
contents: read
jobs:
release:
outputs:
hashes: ${{ steps.hash.outputs.hashes }}
permissions:
contents: write # needed for goreleaser to create a GitHub release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Fetch all tags
run: git fetch --force --tags
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Install Cosign
uses: sigstore/cosign-installer@v3
- name: Install Syft
uses: anchore/sbom-action/download-syft@v0.15.0
- name: Run GoReleaser
id: release-pipeline
uses: goreleaser/goreleaser-action@v5
with:
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Generate subject
id: hash
env:
ARTIFACTS: "${{ steps.release-pipeline.outputs.artifacts }}"
run: |
set -euo pipefail
checksum_file=$(echo "$ARTIFACTS" | jq -r '.[] | select (.type=="Checksum") | .path')
echo "hashes=$(cat $checksum_file | base64 -w0)" >> "$GITHUB_OUTPUT"
provenance:
needs: [release]
permissions:
actions: read # to read the workflow path
id-token: write # to sign the provenance
contents: write # to add assets to a release
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0
with:
base64-subjects: "${{ needs.release.outputs.hashes }}"
upload-assets: true # upload to a new release
verification:
needs: [release, provenance]
runs-on: ubuntu-latest
permissions: read-all
steps:
- name: Install the verifier
uses: slsa-framework/slsa-verifier/actions/installer@v2.4.1
- name: Download assets
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PROVENANCE: "${{ needs.provenance.outputs.provenance-name }}"
run: |
set -euo pipefail
gh -R "$GITHUB_REPOSITORY" release download "$GITHUB_REF_NAME" -p "*.tar.gz"
gh -R "$GITHUB_REPOSITORY" release download "$GITHUB_REF_NAME" -p "*.zip"
gh -R "$GITHUB_REPOSITORY" release download "$GITHUB_REF_NAME" -p "*.sbom"
gh -R "$GITHUB_REPOSITORY" release download "$GITHUB_REF_NAME" -p "$PROVENANCE"
- name: Verify assets
env:
CHECKSUMS: ${{ needs.release.outputs.hashes }}
PROVENANCE: "${{ needs.provenance.outputs.provenance-name }}"
run: |
set -euo pipefail
checksums=$(echo "$CHECKSUMS" | base64 -d)
while read -r line; do
fn=$(echo $line | cut -d ' ' -f2)
echo "Verifying $fn"
slsa-verifier verify-artifact --provenance-path "$PROVENANCE" \
--source-uri "github.com/$GITHUB_REPOSITORY" \
--source-tag "$GITHUB_REF_NAME" \
"$fn"
done <<< "$checksums"
72 changes: 72 additions & 0 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
name: Tests
on:
push:
branches:
- master
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
branches:
- master
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Run Test-Pipeline
uses: dagger/dagger-for-github@v5
with:
verb: run
args: go run ci/main.go -cmd "go test -shuffle=on ./..."
version: "0.9.3"
race:
runs-on: ubuntu-latest
needs:
- test
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Run Race-Condition-Pipeline
uses: dagger/dagger-for-github@v5
with:
verb: run
args: go run ci/main.go -cmd "go test -shuffle=on -race ./..."
version: "0.9.3"
coverage:
runs-on: ubuntu-latest
needs:
- test
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.21"
check-latest: true
- name: Run Coverage-Pipeline
uses: dagger/dagger-for-github@v5
with:
verb: run
args: go run ci/main.go -cmd "go test -shuffle=on -cover -covermode=atomic -coverpkg=./... -coverprofile=output/coverage.txt ./..."
version: "0.9.3"
- name: Upload report to Codecov
uses: codecov/codecov-action@v3
with:
files: output/coverage.txt
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
output
Loading

0 comments on commit a6ff55e

Please sign in to comment.